package com.coinworld.admin.filter;

import com.coinworld.admin.config.XssHttpServletRequestWrapper;
import com.coinworld.constants.CONSTANTS;
import org.springframework.util.StringUtils;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;

/**
 * @description Servlet filter that hands every request to the rest of the chain wrapped in
 *              {@link XssHttpServletRequestWrapper}, except for two exact request URIs
 *              ({@code CONSTANTS.FILTER_PRODUCT_SAVE} and {@code CONSTANTS.FILTER_COMMUNITY_EDIT})
 *              which are forwarded unwrapped.
 *
 *              <p>Security notes for maintainers:
 *              <ul>
 *                <li>The two exempt endpoints receive raw, unfiltered input. Presumably they accept
 *                    rich-text/HTML content (TODO confirm); whatever they store must be sanitised or
 *                    output-encoded by the handler or the rendering layer, because this filter does
 *                    nothing for them.</li>
 *                <li>The exemption is an exact string match on {@code getRequestURI()}, which is
 *                    not URL-decoded and includes the context path. Any variant of the URI
 *                    (trailing slash, path parameter, different encoding) does not match and is
 *                    therefore wrapped. NOTE(review): verify the constants contain the context
 *                    path if the application is not deployed at the root.</li>
 *                <li>Request-side filtering does not replace context-aware output encoding.</li>
 *              </ul>
 *              The {@code @WebFilter} annotation below is commented out, so registration of this
 *              filter is not visible in this file.
 * @author:
 * @create: 2019-08-14 14:08
 **/
//@WebFilter(filterName = "xssFilter")
public class XssFilter  implements Filter {

    // Stored by init() and cleared by destroy(); not read anywhere else in this class.
    FilterConfig filterConfig = null;

    /**
     * Remembers the container-supplied configuration.
     *
     * @param filterConfig configuration passed in by the servlet container
     */
    @Override
    public void init(FilterConfig filterConfig) {
        this.filterConfig = filterConfig;
    }

    /**
     * Forwards the request down the chain, wrapped for XSS handling unless its URI is one of the
     * two exempt endpoints.
     *
     * @param request  incoming request; cast to {@link HttpServletRequest} without a type check,
     *                 so a non-HTTP request fails with {@link ClassCastException}
     * @param response response passed through unchanged
     * @param chain    remaining filter chain
     * @throws IOException      propagated from the chain
     * @throws ServletException propagated from the chain
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        final HttpServletRequest httpRequest = (HttpServletRequest) request;
        final String uri = httpRequest.getRequestURI();

        // Exempt endpoints (product save, community edit) bypass the wrapper entirely.
        if (isExemptFromXssWrapping(uri)) {
            chain.doFilter(httpRequest, response);
            return;
        }

        // Everything else goes through the XSS request wrapper.
        chain.doFilter(new XssHttpServletRequestWrapper(httpRequest), response);
    }

    /**
     * Tells whether the given request URI is on the exact-match exemption list.
     *
     * @param uri value of {@code getRequestURI()}; may be {@code null} or empty
     * @return {@code true} only when {@code uri} is non-empty and equals one of the two constants
     */
    private static boolean isExemptFromXssWrapping(String uri) {
        if (StringUtils.isEmpty(uri)) {
            return false;
        }
        return CONSTANTS.FILTER_PRODUCT_SAVE.equals(uri)
                || CONSTANTS.FILTER_COMMUNITY_EDIT.equals(uri);
    }

    /** Drops the stored configuration reference. */
    @Override
    public void destroy() {
        this.filterConfig = null;
    }

}
